<?php
	// TODO: redirect if already logged in
	// TODO: HTTPS
	require_once('/globals.php');
?>
<!DOCTYPE html>
<html>
<head>
	<link href="style.css" rel="Stylesheet" type="text/css" />
</head>
<body>
	<div class="PostContainer">	
		<div class="Post">
			<div class="PostHeader">
				Register as New User
			</div>
			<div class="PostContent">
				<p>	
					<ul>
						<li>
							All fields must be filled in.
						</li>
						<li>
							The username and email must be unique.
						</li>
						<li>
							This user will not be an admin.
						</li>
					</ul>
				</p>
				<form action="register.php" method="post">	
					<p>Username: <input type="text" name="username"> </p>
					
					<p>Password: <input type="password" name="password"></p>
					
					<p>Email: <input type="text" name="email"></p>
					
					<p><a href="reset_password.php">Forgot Password</a></p>
					<p><a href="login.php">Log In</a></p>
					<p><input type="submit" value="Create New User" name="createNewUserSubmit"></p>
					
					<p>
						<div id="error">
						</div>
					</p>
				</form>
			</div>
		</div>
	</div>

<?php
	if($_SERVER['REQUEST_METHOD'] == 'POST'):
		if(isset($_POST['createNewUserSubmit'])):
			handlePost();				
		endif;
	elseif ($_SERVER['REQUEST_METHOD'] == 'GET'):
		
	endif;
	
	function handlePost()
	{
		$username = sanitizeString($_POST['username']);
		$password = sanitizeStringKeepSpaces($_POST['password']);
		$email = sanitizeString($_POST['email']);
		if($username && $password && $email):
			createUser($username, $password, $email);			
		else:
			displayJavaScriptAlert("Please enter all fields.");
			return;
		endif;
	}
?>